Published: 18/05/2017 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

GNU Binutils 2.28 allows remote malicious users to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu binutils 2.28

Debian Bug report logs - #863674 CVE-2017-9038 to CVE-2017-9043 Package: binutils; Maintainer for binutils is Matthias Klose <doko@debianorg>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 29 May 2017 21:21:04 UTC Severity: important Tags: fixe ...

GNU Binutils 228 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelfc ...

GNU Binutils 228 allows attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelfc ...

CWE-770 https://blogs.gentoo.org/ago/2017/05/12/binutils-multiple-crashes/http://www.securityfocus.com/bid/98580 https://security.gentoo.org/glsa/201709-02 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=82156ab704b08b124d319c0decdbd48b3ca2dac5 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674 https://nvd.nist.gov https://security.archlinux.org/CVE-2017-9039

CVE-2017-9039

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect